7 matches found
WordPress Complianz Premium Plugin < 6.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Complianz Premium Type Plugin Vulnerable versions 6.4.2 Fixed in 6.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1069 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 9c9adcf0c943 Credits Erwan LR WPScan...
CVE-2023-1069
The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform...
CVE-2023-1069
The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform...
CVE-2023-1069 Complianz - GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS
The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform...
CVE-2023-1069
The CVE-2023-1069 entry concerns the WordPress plug‑in Complianz (free and Premium) prior to version 6.4.2. The vulnerability arises from failing to validate and escape several shortcode attributes before echoing them in posts/pages where the shortcode is used, enabling a Stored XSS vector. Affec...
CVE-2023-1069 Complianz - GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS
The Complianz WordPress plugin before 6.4.2, Complianz Premium WordPress plugin before 6.4.2 do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform...
WordPress Complianz – GDPR/CCPA Cookie Consent Plugin < 6.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Complianz – GDPR/CCPA Cookie Consent Type Plugin Vulnerable versions 6.4.2 Fixed in 6.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1069 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 624d8c17b2e4 Credits...